package com.dzm.aspect;

import com.dzm.anno.RequirePermission;
import com.dzm.constants.ClientConstant;
import com.dzm.constants.RedisConstant;
import com.dzm.except.BusinessException;
import com.dzm.to.LoginUser;
import com.dzm.utils.JwtUtil;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import java.util.List;
import java.util.Map;

/**
 * 作者：Dzm
 * 时间：2024-08-31-13:43
 * 功能：
 */

@Component
@Aspect
public class PermissionAspect {
    @Autowired
    private RedisTemplate<String, Object> redisTemplate;

    @Around("@annotation(permissions)")
    public Object aroundMethod(ProceedingJoinPoint point, RequirePermission permissions) throws Throwable {
        //所需权限
        String[] requirePermissions = permissions.value();

        //获取用户权限
        List<String> userPermission = getUserPermissions();

        //判断用户是否有访问权限
        isHavePermissions(requirePermissions, userPermission, permissions.logical());

        return point.proceed();
    }

    private void isHavePermissions(String[] requirePermissions, List<String> userPermission, String logical) {
        for (String permission : requirePermissions) {
            if("and".equalsIgnoreCase(logical)) {
                if(!userPermission.contains(permission)) {
                    throw new BusinessException("没有访问权限！", 555);
                }
            }else if("or".equalsIgnoreCase(logical)){
                if(userPermission.contains(permission)) {
                    return;
                }
            }else {
                throw new BusinessException("无效的权限连接符！", 555);
            }
        }

        if("or".equalsIgnoreCase(logical)) {
            throw new BusinessException("没有访问权限！", 555);
        }

    }

    private List<String> getUserPermissions() {
        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        if(attributes != null) {
            HttpServletRequest request = attributes.getRequest();

            //获取token
            String authorization = request.getHeader(ClientConstant.CLIENT_TOKEN_NAME);
            String token = authorization.replaceFirst(ClientConstant.CLIENT_TOKEN_PRE, "");

            //解析token
            Map<String, Object> claims = JwtUtil.parseToken(token);
            String uuid = (String) claims.get("access_id");
            String key = RedisConstant.LOGIN_TOKEN + uuid;
            //获取用户信息
            LoginUser loginUser = (LoginUser) redisTemplate.opsForValue().get(key);
            if(loginUser != null) {
                return loginUser.getUser().getPermission();
            }
        }

        return null;
    }
}
